Enabled encryption and disabled it again and now it throws me an error in the interface and the logs

SirMuffington · April 18, 2022, 4:07pm

Yes, I’ve already looked at similar issues here and on Google and I don’t seem to have enabled legacy encryption so that’s irrelevant for me as well.

Or for longer, use three backticks above and below the code snippet:

Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files.

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can

[/details]

Nextcloud version (eg, 20.0.5): Nextcloud Hub II (23.0.3)
Operating system and version (eg, Ubuntu 20.04): Debian 11
Apache or nginx version (eg, Apache 2.4.25): nginx/1.20.2
PHP version (eg, 7.4): 8.0.17

The issue you are facing:

I’ve recently setup Nextcloud and I’ve messed with the encryption settings by turning it on and off again. And since then I get the error mentioned above in the interface and the logs hourly. How do I fix this?

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

Turn on Server-Side-Encryption
Turn off Server-Side-Encryption

The output of your Nextcloud log in Admin > Logging:

Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-04-18T17:49:59+0200
Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-04-18T17:33:58+0200
Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-04-18T16:26:30+0200
Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-04-18T16:25:37+0200
Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-04-18T16:25:37+0200
Warning	encryption	OC\ServerNotAvailableException: Legacy cipher is no longer supported!

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

standard

The output of your Apache/nginx/system log in /var/log/____:

irrelevant


Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

same as above basically

occ tells encryption is off…

just · April 18, 2022, 5:06pm

Do you mean server side encryption? Or client side. I will assume server side…

Did you read admin documentation?

There is a specific process for enabling encryption.
And a different process for disabling it for you remove the app.

Try following the instructions to fully disable server side encryption there rather than just turning it on and off again. Hope this helps.

SirMuffington · April 18, 2022, 5:28pm

I mean server-side-encryption, yes.

I tried following the guide, but as I’ve posted above it says that encryption is off… And also it seems that I need to be NOT in the maintenance mode to decrypt files, even though I’m pretty sure nothing was actually encrypted.

just · April 18, 2022, 5:53pm

Try running the linked occ commands that the documentation specifies to ensure everything is decrypted properly before you disable the app.

Daphne · April 18, 2022, 5:53pm

This is very tricky. I hope you have a backup, I recommend you to restore this backup.

SirMuffington · April 18, 2022, 6:22pm

Now it says

ll
Server side encryption not enabled. Nothing to do.

Certainly a bug…

just · April 18, 2022, 6:31pm

My understanding is you:

Enabled server side encryption app.

Did you do anything else at this point? Super critical to consider.

Disabled server side encryption app.
Are seeing errors in your log.

Yes? That would make total sense since you did not follow the documentation. You must follow it exactly or you are asking for trouble. You have to follow an explicit process with server side encryption.

It is not enabled because you have disabled it. Did you record down the encryption key somewhere? You should need it to re-gain control of encryption so you can properly disable it according to the documentation. It is all up to you.

Or, simply roll back your instance to the backup you hopefully made as daphne said. Good luck with this.

SirMuffington · April 18, 2022, 7:10pm

Your understanding is correct and after Step 1 I doubt I did something else, but do please note that I added the Encryption module or something similar like that, where I also installed Nextcloud Talk, I apparently can’t find where I did that anymore…

I did not follow the documentation, that’s true, since I did not expect for it to be so complicated, there was no warning about it either. The encryption key was never displayed to me…

Is there a way to fix this without the backup? All my files seem to be not encrypted so far, I can still view them. I am not 100% sure on the last sentence though

SirMuffington · April 20, 2022, 5:53pm

Seems like disabling the default encryption module fixed the problem.